Fwd: Fraud/Scam emails impersonating Amazon Fwd: Amazon.com Account Billing Problem

---------- Forwarded message ----------
From: Andrey Kopelev <ansvet_99@yahoo.com>
Date: Monday, December 6, 2021
Subject: Fraud/Scam emails impersonating Amazon Fwd: Amazon.com Account Billing Problem
To: spam@fightspam.gc.ca, reportphishing@antiphishing.org, reportphishing@apwg.org, phishing-report@us-cert.gov, fraudreporting@unaids.org, contact@cyber.gc.ca, stop-spoofing@amazon.com, spoofing@amazon.com, joellekaulitz@yahoo.com, domainabuse@tucows.com, ipadmin@hostmysite.com, abuse@hostmysite.com, abuse@hosting.com, netops@dosarrest.com, customercare@cc.yahoo.com, apac.customercare@cc.yahoo.com, hostmanagement.net@contactprivacy.com, admin@hostmanagement.net, abuse@contactprivacy.com, emailscamalerts@gmail.com

This IP address 204.12.102.45  bombards me with fraud/scam emails with suspicious link impersonating Amazon. My emails address is not officially listed anywhere. The only way this person could get it is from the spam list.  Please block their accounts.  Below is the full header and the example messages sent from this IP address.

X-Originating-Ip: [204.12.102.45]

canonical name

clustermx10.nwk01.hosting.com.

Domain Name: HOSTING.COM     Registry Domain ID: 4807915_DOMAIN_COM-VRSN     Registrar WHOIS Server: whois.tucows.com     Registrar URL: http://www.tucows.com     Updated Date: 2019-04-24T11:39:16Z     Creation Date: 1996-02-08T05:00:00Z     Registry Expiry Date: 2028-02-09T05:00:00Z     Registrar: Tucows Domains Inc.     Registrar IANA ID: 69     Registrar Abuse Contact Email: domainabuse@tucows.com

Geographic Location	United States
First Received From	approximately 4 years, 8 months, 5 weeks ago
Last Received From	within 1 year, 3 months, 4 weeks
Number Received	7 email(s) sent from this IP

Example Messages Sent From 204.12.102.45Subject: =?utf-8?B?5a6i5oi357uG5YiG5LiO4oCcMeWvuTHokKXplIDi=? 
Subject: =?utf-8?B?KEFEKeWmguS9leWIhuaekOS+m+W6lOWVhueahOaK=? 
Subject: 销/售h主 
Subject: qv塑造销售 
Subject: LinkedIn Network Updates 
Subject: Что такое Woody O 
Subject: =?windows-1251?B?zeXi5fDu//Lt7iDx7OX47e7pIPXu7P/qL=?= 
Subject: Charity! 
Subject: Best watches in the world. Best present. 
Subject: =?windows-1251?B?0O7x8ej/7eUg6CDz6vDg6O32+yDv7uzo8=?= 
Subject: Jan's New Email Address 
Subject: Make cash while getting in shape =?UTF-8?B?4oCT?= 
Subject: SPECIAL PROMOCODE INSIDE 
Subject: You simply cannot ignore our diet aid 
Subject: The fastest-selling weight reduction pill in the w 
Subject: Netflix - Bekraeft oplysninger forstander@l-i-e.dk 
Subject: C'est la deux 

Received: from 10.197.32.76 by atlas115.free.mail.bf1.yahoo.com with HTTPS; Sun, 5 Dec 2021 18:54:09 +0000

Received: from 204.12.102.45 (EHLO clustermx10.nwk01.hosting.com) by 10.197.32.76 with SMTP; Sun, 05 Dec 2021 18:54:09 +0000

Received: from EXHUB02.prov.ad.hostmanagement.net (unknown [208.112.100.254]) by clustermx10.nwk01.hosting.com (HDCMail-outmx) with ESMTP id 877BF4C8180; Sun,  5 Dec 2021 13:54:01 -0500 (EST)

Received: from EXMBX08.prov.ad.hostmanagement.net ([fe80::bc77:f759:5df3:1021]) by EXHUB02.prov.ad.hostmanagement.net ([::1]) with mapi id 14.03.0513.000; Sun, 5 Dec 2021 13:51:45 -0500

"Amazon.com" <axa@joannedcohen.bz> 

Amazon.com Account Billing Problem

To: undisclosed-recipients:; 

X-Ms-Tnef-Correlator: 

X-Hdc-Scanned: Yes

X-Ymailisg: xzFlg1sWLDsEJ3pHJrqMft0n.ktgIMZkNk3C8jrQCSUOiYzF p1HuZh8y6_2Lb1j1rxNZPwD0HHZbEXN8uM3amZ3O.T_AlpLiQMd_swWIxSY3 0q7MCl.45djQ29.qveM.Ie1CbkSnPL.ZBfU_QpzJDFDcBcIZhzsN5jDMaLaP GgupsZxspHaZx8KHsaqG9Ha_dysK3t_KgbxmeerM.XSkRR4iYDm_lO860cBg .BXX7wkPt2bzHcqQmP17D0g3rvMZgeOSlevNxpFiYj1Cbz6tC_IC7WWwi9qN vtWN1xdwMUYdHoVpoWEqMGFIGYmJB146bCVFnCJXxoblI20D59mAajEwEjl7 eq.xP4v07sdeGXQ3Yc6W_bqy7sudmgzKCXTwyGpRYeZOsZUnq.1HIJulFVPz XmPG6NLQ1EyJtdahQBTFKk8oAdfZphUd426JVz_eZjt9fe.WIrkAb_rRiePA QjW9moVMFqo1.tU1.VZVqxPj5bvaUCjguC99DPIYFh3.QwfyyC2TfP7MfXGp cNhgmfuEr_FcgfNMy1expn1RO9gKEx1YXONuYMvpTwzJdtgmFWide9x8kdXY JTlK.mTZUO.f.0MYchFsMYugpYoPePdqojSIDGRdGbuvx3r_fk168BfhAgYO neeWlDUay2fp9uLckNVrsP4KNAjT8zraGHE5yL6zkrKTARwavK1AY_uoco7w hDsk6cLvSGlYPR.gLWXyXvmMQbRYzfXeIluqTmbCTAVaXEMVuMiM60_FRlAv FpNvJUBXvVUQgEtqV6Io7S_10WZ971Fwe_BJDCrnppGMdJ.yEpNWku8FE5gW KHaoLgbxgOYdYMJ.A8wrBvfSJrDmqLW4aYbGDPzdzOvN.YOyzjy9j2v4uR.R qD1n9Nz.MUpF7ULytRyTjnKH1.KCZkJXRS3CrMWIGU.v7Z1oX.GJQ84RcZTb 4LwfS3N3dCaaLWXJ0r7J_JP6mYT7x7TwABr5vCjgdyhh56qCGC3cqCf4Nxps OfQTlL62pgSRpKJJ0_CQBzWlybcDpTdI6UrbvJdWjiusgjMJ7oC79fRhz3WY QiSyvPKdIzzP4Z1e1TnHLJ4Y0oCMO.cJdVTRvG4JgcB1K.EsTAGeTSZZqUdP 766GN4EaJsTCp_LugPfxWNrp3bfOiHXSqJFeHOI4ZscUAJv.n2TDWNZG0.Hl ypwpXYx.kS2gF_I578dDaM4o2E1oJxCRiGeAyE6UYlTC9UK1Q4_HtUkpc7fL C7Hs3WQPETec3KR.hBGb25eYuH92XV9q4bzxkrSTXeQZSf6LZJPqGoTvKEc_ xk8MOL_KTB8J4OcbLOLp7UW1OsxWafa4MK.l_xxORE3Gtp5HylDON.QWyEB3 apkdjP2d_gq3e4muSgESbN9jFDljGpr9K.R8Mrm76_qDLaSr1yNRJjwcyoOp dd.ZN.adzw4UnE35.NdK5_A7aAylROHHSXW.0e7OmuXP4S_PhX7yGtKvPSJU 4ED8VlNro.Y2jaFrO87YS1ERJSI13jl0OKy4HPbjBykZk0a5kylQN_6eh3NJ vtTQueo7J8sAANgNAhi52zB8GiguJWIw0CUKvTPAGlEtweWUYOWAZBFkGTVc HpCH4NmZMPfVRNKpOMHt4pNFCw08yoDUiWuCdue4dweG6vdyIn3Iu0dXQlzQ 7EN0KSKGnf_6mWfGexdK42aqXKyw1sOdw6MQ10uWyRMx6zu8qu7dzZvKY3vE bVE6tIqxGkyLfiWzpQQMaLzDWub2M9otD6S04ZZD84EYmrZ9UNBFBHI14X26 cbM2t1JwlfLL.AenS.8FQbZEEe.lylfH8NEimxAk1vDt_wSUl.f.4tHzcWu. XJKsHdRwj5QGkyZps4L8QPb00LywUv.vHfzlxTfoVDvT

Return-Path: <axa@joannedcohen.bz>

X-Originating-Ip: [204.12.102.45]

X-Originating-Ip: [10.100.3.51]

X-Apparently-To: ansvet_99@yahoo.com; Sun, 5 Dec 2021 18:54:10 +0000

X-Ms-Has-Attach: 

Mime-Version: 1.0

Thread-Index: AdfqCM7VuRP+5X8OS9O4twR6fWoj/g==

Authentication-Results: atlas115.free.mail.bf1.yahoo.com; dkim=unknown; spf=pass smtp.mailfrom=joannedcohen.bz; dmarc=unknown header.from=joannedcohen.bz;

Content-Length: 11046

Accept-Language: en-US

Thread-Topic: Amazon.com Account Billing Problem

<104F74B96C117B4AA73DABAF895C856A64C899@EXMBX08.prov.ad.hostmanagement.net>

Content-Type: multipart/alternative; boundary="_000_104F74B96C117B4AA73DABAF895C856A64C899EXMBX08provadhost_"

Received-Spf: pass (domain of joannedcohen.bz designates 204.12.102.45 as permitted sender)

Content-Language: en-US

Received: from 10.197.32.76 by atlas115.free.mail.bf1.yahoo.com with HTTPS; Sun, 5 Dec 2021 18:54:09 +0000

Received: from 204.12.102.45 (EHLO clustermx10.nwk01.hosting.com) by 10.197.32.76 with SMTP; Sun, 05 Dec 2021 18:54:09 +0000

Received: from EXHUB02.prov.ad.hostmanagement.net (unknown [208.112.100.254]) by clustermx10.nwk01.hosting.com (HDCMail-outmx) with ESMTP id 877BF4C8180; Sun,  5 Dec 2021 13:54:01 -0500 (EST)

Received: from EXMBX08.prov.ad.hostmanagement.net ([fe80::bc77:f759:5df3:1021]) by EXHUB02.prov.ad.hostmanagement.net ([::1]) with mapi id 14.03.0513.000; Sun, 5 Dec 2021 13:51:45 -0500

Begin forwarded message:

From: Amazon.com <axa@joannedcohen.bz>

Subject: Amazon.com Account Billing Problem

Date: December 5, 2021 at 1:51:43 PM EST

To: undisclosed-recipients:;

Your credit card on file has been declined. Amazon.com Your Prime    |  Today's Deals    |  Prime Insider Hello  We're writing to let you know that the payment method for your order has been declined. Valid payment information must be received within 3 days, otherwise your order will be cancelled.* Since your card is invalid, your free account is on hold.  If you don't update your card information in the next 3 days, you will lose access to orders. To continue to enjoy membership benefits, please visit this link to log in to your Prime account and update your payment information.  Thank you Amazon.com Customer Service    Update Payment Information    © Amazon.com, Inc. or its affiliates. All rights reserved. Amazon, Amazon.com, Prime, the Amazon.com logo and 1-Click are registered trademarks of Amazon.com, Inc. or its affiliates. Amazon.com, 410 Terry Avenue N., Seattle, WA 98109-5210.  A charge can be declined for a variety of reasons. For more information on why this charge was declined please contact your card provider.  You can always access your account information and update your preferred payment method by following these steps: Go to www.amazon.com. Click on Your Account at the top of any page. Click "Manage Prime Membership" under "Settings". Sign in with your e-mail address and password. Under "Preferred Payment Method" on the right-hand side, click "edit payment method". Follow the on-screen instructions to update your card or choose a different one.